Cyber attacks won’t be stopping in 2018
Just because we came, we saw and we conquered cyber attacks in 2017 doesn’t mean we are invincible to what may come our way in 2018
Can you remember when the NHS was in trouble in a WannaCry attack, and when businesses were crippled by a global ransomware cyber attack, Petya? Well be prepared for the same kind of attacks in 2018. The use of ransomware will continue to grow this year, it’s inevitable because people and businesses just don’t seem to learn from past mistakes.
Hackers know that most people don’t back up their data so they will encrypt the data until the victim pays up. That’s the first piece we’re going to massively see in 2018— the leveraging of ransomware to go out and exhort individuals. Secondly, denial-of-service (DoS) attacks will drastically grow. Ultimately in 2018, we have the likelihood of seeing a massive outage due to possibly an IoT botnet. These will massively compromise large spots of the internet that can ultimately affect businesses and individuals all around the world. Criminals are starting to realise the monetisation potential of this kind of attack is very good.
Unfortunately in IoT environments, security is often an afterthought. If an actor figures out that those devices have a vulnerability, they can quickly exploit it. That’s only going to increase until some of these IoT organisations realise that security should be a number one foundation concern.
So, why are SMBs at high risk for ransomware attacks, and how they can protect themselves in 2018?
Here are some tips and best practices for keeping your business safe:
Hackers are evolving their techniques to get around traditional security protections, according to a recent report from PhishMe. More modern variations of the malware can inspect the machine it is infecting, and determine, based on the applications and data stored, how much money the machine’s user is likely to pay.
Preventing and mitigating attacks
SMBs should ensure that they have good remote backups of their data. Mounted drives often are not effective against ransomware because when an attack happens, attackers also typically go after the mounted drives and hijack the data there. A backup service into a cloud might be more effective.
Professionals have recommended having basic IT protections around how files are shared within a network, including a basic VPN setup for employees who work from home. Having a corporate-sponsored way of sharing files remotely, working on them, and getting them safely back into the network goes a long way.
Basic employee education programs about email phishing and other cyber threats is also very effective. You need to plan as though you’re absolutely going to get infected. The problem is you’re subject to the weakest link in the chain—the least technically skilled individual in the business will be how you become a victim.
When ransomware does hit, it’s key to identify and isolate the infected machine to ensure it doesn’t spread throughout the network.
Reporting the incident to authorities is important, independent of whether you pay the ransom, as under reporting is definitely a problem when it comes to ransomware attacks.
For small businesses, they’ve just got a business to run. For medium businesses, there is an incentive not to report it and make a big deal of it, because customers tend to judge a business that’s been infected by ransomware.
There’s currently a disconnect between IT leaders and business leaders in terms of grasping the danger of ransomware. While IT leaders tend to understand the problem, the business side does not always recognise it.
IT professionals can try to get business leaders to engage with the issue. Estimating the cost of downtimes helps a lot. For a lot of business leaders, being denied access to the IT environment for half a day can have a severe impact—walk them through that.